The vCloud API defines a set of objects common to cloud computing environments. An understanding of these objects, their properties, and their relationships is essential to using the vCloud API.

vCloud API Object Taxonomy

vCloud API objects have the following high-level properties:

Organizations

A cloud can contain one or more organizations. Each organization is a unit of administration for a collection of users, groups, and computing resources. Users authenticate at the organization level, supplying credentials established when the user was created or imported. User credentials are authenticated by the organization's identity provider, which can be either the integrated identity provider included in vCloud Director or an external SAML-based identity provider.

Users and Groups

An organization can contain an arbitrary number of users and groups. Users can be created by the organization administrator or imported from an LDAP directory service or SAML-based identity provider. Groups must be imported. Permissions within an organization are controlled through the assignment of rights and roles to users and groups.

Catalogs

Catalogs contain references to vApp templates and media images. You can configure a catalog in several different ways:

■ As a repository for local content that can remain private to the catalog owner or can be shared with other users, groups, or organizations in your cloud.
■ As a source of published content, to which other clouds can subscribe.
■ As a local repository for content published by another cloud or any Web site that hosts a VMware Content Subscription Protocol (VCSP) endpoint.

An organization administrator or catalog owner controls catalog sharing. Organization administrators in organizations that have permission to publish catalogs control publication and subscription options for catalogs in their organization. A system administrator can enable background synchronization of catalogs with external sources and set background synchronization schedules to regulate consumption of network bandwidth by this activity.

Organization VDCs

An organization virtual datacenter (organization VDC) is a deployment environment for virtual systems owned by the containing organization, and an allocation mechanism for resources such as networks, storage, CPU, and memory. In an organization VDC, computing resources are fully virtualized, and can be allocated based on demand, service level requirements, or a combination of the two.

Organization VDC Networks

An organization VDC can be provisioned with one or more networks. These organization VDC networks can be configured to provide direct or routed connections to external networks, or can be isolated from external networks and other organization VDC networks. Routed connections require an Edge Gateway and network pool in the VDC. The Edge Gateway provides firewall, network address translation, static routing, VPN, and load balancing services.

Virtual Systems and Media Images

Virtual systems and ISO-format media images are stored in a catalog and represented as catalog item objects. Virtual systems are stored as templates, using an open standard format (OVF 1.0). These templates can be retrieved from catalogs and transformed into virtual systems, called vApps, through a process called instantiation, which binds a template’s abstract resource requirements to resources available in a VDC. A vApp contains one or more individual virtual machines (Vm elements), along with parameters that define operational details, including:

■ How the contained virtual machines are connected to each other and to external networks.
■ The order in which individual virtual machines are powered on or off.
■ End-user license agreement terms for each virtual machine.
■ Deployment lease terms, typically inherited from the containing organization, that constrain the consumption of VDC resources by the vApp.
■ Access control information specifying which users and groups can perform operations such as deploy, power on, modify, and suspend on the vApp and the virtual machines that it contains.

Tasks

Asynchronous operations are tracked by task objects. Running and recently completed tasks initiated by members of an organization are kept on the organization’s tasks list.